Snort mailing list archives
Re: CVEs -> Snort Rules
From: "Joel Esler (jesler)" <jesler () cisco com>
Date: Sat, 14 Nov 2015 18:47:44 +0000
You can search for the CVEs in the policy application interface and it will show you the applicable rules, or you can search for the CVE on Snort.org<http://snort.org>. -- Joel Esler Manager, Talos Group Sent from my iPhone On Nov 14, 2015, at 1:01 PM, Nate B. Clark <nateclark () tyndale com<mailto:nateclark () tyndale com>> wrote: Hi - In researching specific software vulnerabilities one can easily find CVEs that denote the relevant information. For example, https://developer.joomla.org/security-centre/628-20151001-core-sql-injection.html provides CVE Numbers: CVE-2015-7297, CVE-2015-7857, CVE-2015-7858. Is there any resource out there (from Cisco/Talos/Sourcefire or otherwise) that has the ability to determine if an existing Sort Rule maps to a published CVE? The ultimate goal would be to ensure the relevant rules are enabled and protect against the Joomla vulnerabilities until the software can be properly patched. We also wish to do the same with some specific Oracle CVEs, etc.. We are using Cisco FireSIGHT Management Center. Thanks, Nate Clark Network Administrator Tyndale House Publishers 351 Executive Dr. Carol Stream, IL 60188 ------------------------------------------------------------------------------ _______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net<mailto:Snort-sigs () lists sourceforge net> https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
------------------------------------------------------------------------------
_______________________________________________ Snort-sigs mailing list Snort-sigs () lists sourceforge net https://lists.sourceforge.net/lists/listinfo/snort-sigs http://www.snort.org Please visit http://blog.snort.org for the latest news about Snort!
Current thread:
- CVEs -> Snort Rules Nate B. Clark (Nov 14)
- Re: CVEs -> Snort Rules Y M (Nov 14)
- Re: CVEs -> Snort Rules Joel Esler (jesler) (Nov 14)
- Message not available
- Re: CVEs -> Snort Rules Joel Esler (jesler) (Nov 14)
- Message not available